Are you *sure* you didn't own that address already?
If not, it is VASTLY more probable you (and however generated this address before) just unearthed a bug in bitcoin's PRNG. Could you give more details - which OS and OpenSSL you have installed?
I find it *extremely* hard to believe you actually caused a collision. Not now, not in a 1000 years.
This.
Bad PRNG is more likely than collision. And we have had at least one corrupted RNG de-bugs thrown up by Bitcoin already, so it's got form.
OpenSSL on linux has had issues with generating weak keys in the past
http://perimetergrid.com/wp/2008/05/17/ubuntudebian-crng-cracked-ssh-vulnerable/ .... and also it has been mentioned that introducing compromised code to produce weak keys via bad RNGs is an attack used by the spooks (for communication interception).
How well can OpenSSL ECC keys generation really be trusted? Does it depend on version of OpenSSL, use of underlying RNG, OS, etc? Is anyone testing this for bitcoin specific key generation?
(That whole crap fight over ECC not going into RH-derivative linux OpenSLL module makes me smell smoke ... maybe it was never about the patent non-problem?)
Edit:
https://www.schneier.com/blog/archives/2008/05/random_number_b.htmlBack when the NSA was routinely weakening commercial cryptography, their favorite technique was reducing the entropy of the random number generator.
History doesn't repeat but it sure does rhyme sometimes ...
